Dec 2019 – Jun 2025 · 5 yrs 6 mos · Washington, District of Columbia, United States · Hybrid

Jun 2016 – Dec 2019 · 3 yrs 6 mos · VA

Nov 2015 – Jun 2016 · 7 mos

Jan 2012 – Jan 2013 · 1 yr

• Work with Business IT teams to continually improve the security posture of their application portfolios.
• Creation of a sustainable security framework to allow secure technology standardization
• Develop business cases for the adoption of new technology, standards and processes.
• Review projects for security concerns and provide security guidance to business partners
• Provide guidance to engineering and support teams on security risks
• Support management in understanding architectural information risk

Sep 2010 – Nov 2015 · 5 yrs 2 mos · Greater Hyderabad Area

• Project Planning, Effort estimates, Proof of Concept (POC) and Resource management.
• Developing the database security based tools
• Implementation of Security tools like HP Web inspect, IBM APP Scan, Nessus.
• Information security,Mobile security , Web Application security , Network security , Big Data security , Cloud Security Consulting Architecture & Engineering,Source code review.
• Static Application Security and Dynamic Application assessment of web, Network, Mobile, SSRS, Relational Database and client-server applications, Threat modeling and Resource management.

Oct 2008 – Jan 2010 · 1 yr 3 mos

• Threat & Vulnerability Management, Incident Management, Automated Data Collection, Security Assessment, Business Continuity Management, Notifications, Workflows management.
• Provide consulting services around IT GRC products as part of SCCS's ITGRC offering which includes product implementation and integration
• Involved in the research and development of security content for various standards such as COBIT, SOX, FISMA, HIPAA, NIST, DOD STIGS, ISO 17799 etc, for Risk Vision product.
• Compliance Manager, Policy Manager, Enterprise Risk Management, Vendor Risk Management, Security/Operational Risk, Dashboard, Report

Mar 2008 – Oct 2008 · 7 mos

• Cold Migration hot Migration & Vulnerability Analysis of ESX servers
• Penetration Testing and Vulnerability Analysis and memory hardening.
• Develop the integration and automation strategy around multiple VM toolsets

Jan 2007 – Jan 2008 · 1 yr

Dec 2006 – Feb 2008 · 1 yr 2 mos · Greater Hyderabad Area

• Implementation understanding of IDM products like Site Minder, Citrix IDM and access control, ESX, Virtualization, Cloud and also SSO implementation.
• Manual security testing, Mobile security testing, Data base security testing on SQL injection, XSS, CSRF and Session Management and Network security Assessment/Testing.
• Single Sin On, Radius, Samba, AIX, Solaris and Active Directory,Google app.